This month we’ll be closing out our series featuring women in tech at Imperva. While I work closely with many of the women we’ve spotlighted, I’ve found learning more about their backgrounds so interesting—I hope you have too! Continuing in the series, I spoke with Shiri Margel, team lead in the data security research group at Imperva. Shiri and her colleague Guy Shtar were recently awarded a patent on a machine learning algorithm they developed that identifies improper access to unstructured data.
Tell us how you got into cybersecurity.
SM: I’ve been in the tech industry for about 17 years now, with the last four being in cybersecurity. For my undergraduate degree, I double majored in mathematics and computer science at Tel-Aviv University, then started my career at Radvision, a provider of video conferencing and telepresence-over-IP. After two years in the industry I went back and got my master’s degree in computer science and mathematics – the bioinformatics track, from Weizmann Institute of Science. After that I went back to Radvision for seven more years, five of which I spent working on video algorithms.
When my husband and I moved to Toronto for a couple of years I worked as a senior customer support engineer at Radvision. Then I went on to work as a research assistant at the University of Toronto in the field of virtualization and cloud computing where I led, among other projects, a research collaboration project with VMware. About four years ago, when we got back to Israel, I found my way into cybersecurity, joining the research team at Imperva.
Have you always been in the same role at Imperva?
SM: No, I started out as a researcher for almost two years and was then promoted to team lead in the research group. I now manage a group of three researchers who work on machine learning and AI algorithms for the data security products at Imperva, mainly for CounterBreach – a product designed to protect organizations from insider threats.
What do you love about your job?
SM: First of all, I like that we’re the good guys. We’re sort of like the police, trying to catch the bad guys. I enjoy the technical challenges of my job. Since I’m in research, both the problems we try to solve and the solution options are diverse – this allows me to learn all the time and stay up to date with technologies. I like the fact that I work in an environment with smart and inspiring people.
How has the cybersecurity industry changed over the course of your career?
SM: I’ve only been in cybersecurity for four years, but there are two big trends I’ve noticed. First, more and more companies are recognizing the need for data security. Data breaches are occurring at a pace that’s nearly impossible to keep up with at this point. And secondly, the adoption of machine learning in security solutions is accelerating. We use machine learning in our products at Imperva to help identify unusual access to data with the goal of preventing data breaches.
Have you found that more women are getting into cybersecurity?
SM: I wish I could say so, but honestly, I haven’t seen much change over the course of my career. Before I worked in security, when I was part of a group building video and audio algorithms, most of my colleagues were men. Compared to that industry, there are more women in security. But it’s far from being 50/50. My hope is more women join the cybersecurity ranks, and tech in general. I loved math and science as a kid and I think investment in STEM education is important. Cybersecurity work is so rewarding and there’s so much opportunity—the industry is not slowing down. It’s the exact opposite, the need for security is only becoming more critical in today’s world.
Congratulations on becoming a patent holder! Tell us about that process.
SM: Thanks! This is actually my third patent at Imperva. As a researcher, writing a patent on research work is a great accomplishment. When we develop a unique, innovative algorithm to solve a problem, the next step is to write a patent to protect the idea. We identify the differentiators of our algorithm and work with a lawyer to write the patent. In the last patent, we developed a new approach for protecting files in an organization’s file share. The traditional file security approach is based on applying static permissions to users in an organization. Our new approach is much more agile and dynamic, automatically identifying permissions to files and folders in the organization based on the access patterns of users and their peers to the files and folders. (Author’s note: You can read Imperva’s Hacker Intelligence Initiative report for more information.)
Who has been one of your biggest mentors?
In cybersecurity one of my biggest mentors has been Amichai Shulman, the former CTO and one of the co-founders of Imperva. He helped me enter both the security industry and the database domain. His advice on my research and on the security world in general always proves to be effective and fruitful.
What advice would you give someone entering the cybersecurity industry today?
SM: My recommendation – which is true for other industries as well, not only cybersecurity – would be to stay super agile. You need to learn all the time, you need to read all the time and stay up-to-date on technology and attacks. Everything is changing rapidly. Don’t assume once you know something about a topic or technology that you’re done learning. At the pace things change you need to constantly be open to new information, especially in tech.
I am a professional doubter. In research, we see ourselves as detectors…we need to doubt everything, we need to really understand processes, and always ask ourselves if we understood everything correctly and if we didn’t miss anything. Being thorough is paramount.